Thanks, that helps quite a bit. I was so focused on the as numbers rather than the literal path. I tried your suggestion along with various other permutations and it worked as expected. It's quite obvious when it is pointed out to you. I knew it was something basic I was overlooking. Thanks again for the help.
On Sat, Oct 9, 2010 at 3:42 PM, Cody Cook <[email protected]> wrote: > Is there a way to filter out routes that transit an AS that is a > confederation peer using an as-path access list? I may be missing > something but I am unable to get it to work in my lab. Say you have > the following output from sh ip bgp: > > *>i191.15.0.23/32 191.15.0.2 0 100 0 (23) ? > > *> 210.4.43.0 191.15.0.23 0 100 0 (23 123) > 110 70 115 e > > *> 210.210.20.0 191.15.0.23 0 100 0 (23 63) 70 e > > *> 210.210.21.0 191.15.0.23 0 100 0 (23) 70 e > > I can manipulate the AS paths external to the confederation how I want > using an as-path list applying them to the neighbor via a route-map , > but for those AS numbers within the confederation, I am unable to > filter in this manner. For example: > ip as-path access-list 1 deny _110_ Works > ip as-path access-list 1 deny _123_ Does not work > > I have other methods for filtering this traffic as well, but I was > thinking that this would be a better solution in that I wouldn't have > to care about the specific routes from the AS in question. Does this > make sense? What am I missing here? > > Thanks. > Cody > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
